Re: “Re-wilding”
It's already in English.
Albeit somewhat archaic.
6094 publicly visible posts • joined 16 Jun 2009
If they "need" to pay a ransom then that company is dead anyway.
Even even if the decryption actually happens, their systems are compromised and so will immediately suffer further attacks.
They're now marked as an extremely high risk so can't get insurance, and the criminals know they're a company who will pay out so will spear-phish them as they're worth direct attacks.
Better that company simply fails without funding the next attack.
Those with very little experience and a lot of student debt have very little choice.
Those with little to no savings - and perhaps a dependent family have no choice at all.
Those two cover the vast majority of the workforce.
There's only two ways to solve this:
1) Legislation to ban these practices, with genuine enforcement.
2) A universal basic income, so everyone can tell a bad employer to get stuffed without losing their home or being unable to eat.
The third option of ignoring the problem because "I'm alright Jack" is unethical and very foolish - it only takes a few months to burn all your savings and be forced to take minimum wage indentured servitude to keep body and soul together, as a great many people have found over the last year or so.
Most non-trivial Android apps are compiled to native code. Usually written in C++, but other compiled languages with C bindings are used too.
Part of the reason Microsoft can do this is because Windows 10 already supports OpenGL/OpenGL ES (via ANGLE) and Vulkan.
Every phone app is hardware accelerated as the CPUs aren't great at pushing pixels, so that part is critical to support.
I honestly cannot remember the last time I heard of a BSOD on Windows 10 that wasn't failing hardware.
macOS on the other hand has BSOD pretty easily.
For example, macOS cannot recover at all if the GPU driver crashes (pretty common on Intel Iris), and requires a reboot to update it.
Windows 10 has neither of those limitations.
The "known folders" still aren't very well documented, so many developers pick an inappropriate one because they don't know better and can't easily find out.
It's very annoying.
Then there are the idiots who hardcode the path instead of looking it up, but there's no helping some people...
They will only drop 32bit support if they want to die.
The vast majority of line-of-business applications are 32bit. Apple can get away with telling their fanboys to buy everything again, Microsoft cannot.
They would have kept 16bit if it had been technically feasible. There was a great wailing and gnashing of teeth when that went away.
Name and shame the manufacturer. On the biggest billboard you can find.
There are "embedded" versions of Windows.
They are very customisable, do *not* go looking for updates on their own etc etc.
If you put the desktop or server version of Windows into a device like CAM then you deserve to be fired. From a cannon. Into a lava pit.
Windows 10 now has a sunset date.
What isn't yet clear is the licence terms of Windows 11.
If they roll the license forward with the same terms, then fine. I don't care, and tbh it's easier for support if I don't need to dig to find the Windows 10 20h2 or build number.
- but FFS give us back an API so we can stick the *real* OS version in a log file.
It's really sad, because systemd isn't inherently bad. The core concept of an init system that handles dependencies, restarts and a config system is a good one - a service should be able to specify that it provides $service_type and requires (eg) an Internet connection and for something providing $other_service_type to already be running and should only be started once those conditions are met - and restarted if shut down waiting for thise
AFAIK, the other leading inits rely on the service itself having scripts for the conditions, the sysadmin manually getting the order right and the like. Very fragile.
With systemd, it really seems like the lead developer is the problem.
I assume they didn't use a car because of the cost.
It's also true that all the current semi-autonomous and autonomous testbed vehicles are using off-the-shelf parts, so this attack will work on them too.
What isn't known (and is out of scope for the paper) is whether any current systems can detect this attack and properly handle it using input from other sensors.
It's well proven that semi-autonomous is the most dangerous phase possible.
Have an example:
Your vehicle claims to be able to do adaptive cruise control, auto braking and lane following on motorways and dual carriageways.
This covers pretty much everything needed to get the car from one end of the M1 to the other without any driver input under most conditions.
One day there's sudden stationary traffic. Normally your car stops for this automatically, but today your car piles straight into the back of the stationary vehicle in front.
Why did that happen?
You saw the stationary traffic and trusted the car to stop.
For some reason the conditions happened to be such that the automation failed. You could not realise that the automation had failed until it was too late to avert the crash.
Instead of your thought process being "slowing traffic, uh oh, stopped, brake harder" it will have been "stopped traffic, why isn't the car slowing? Shouldn't it have reacted by now? *crunch*"
Even basic adaptive cruise control carries this risk because you won't be aware of slowing traffic until much later, especially in a "quiet" or "silent" vehicle.
Credit and debit cards have the additional cost of "bad debt", where some bills/overdrafts are never repaid, and fraud and other situations where the card issuer is held jointly and severally liable for consumer losses.
Those two costs don't really exist in App Store Land. There is never debt - Apple always owe money to the developer - and the financial risk of fraud and non-delivery is passed on to the developer instead, as the app store simply reverses the transaction and pretends it never happened.
The developer never gets the money, Apple are happy.
Idiots. Idiots.
There goes the very last two pieces of Microsoft corporate memory of the entire history of human-machine interface research.
Rule Zero: Important UI elements MUST NOT MOVE
Rule One: The corners are easiest to hit. Put the four most important things in the corners.
So what do they do? Move the Start menu button around, move it away from the corner.
Idiots.
Apple broke a lot of peripherals and software by unannounced unnecessary changes.
We had to completely rewrite a USB firmware stack - and being firmware, it had to be installed on the device by the end user.
Using Windows, because Apple had broken the USB stack so Macs couldn't see it to update it.
There have been a lot of similar breaking changes in many areas on macOS. For many companies the cost of macOS just isn't worth it - do you burn six months every year simply keeping it running (and likely breaking it for older macOS versions), or spend that time on new features and products?
Microsoft has historically been very good at adding OS features without breaking existing hardware and software. If they fail at this then Windows will die - if my users have to learn something new then they might as well learn something free, eh?
They need a silly name so they can be trademarked and Googled.
Eg Vulkan is called that entirely to prevent the problem OpenGL has, where almost all the top hits were showing how to use long deprecated parts of the API.
Sadly some marketeers still don't understand this and insist on inserting punctuation to make it different, thus making the product trademarkable, but impossible to Google as it coerces all punctuation to a space.
Would also avoid the current "your flat is unsafe because we couldn't be arsed to maintain the building and simply pocketed all the service charges for the last 20 years, now pay us another £50,000 to do the repairs that wouldn't have been necessary if we'd bothered tondo our job"
Hanging's too good for some of these landlord freeholders.
Under the Proceeds of Crime Act 2002, and the Terrorism Act 2000.
https://publications.parliament.uk/pa/ld200809/ldselect/ldeucom/132/9031112.htm
And frankly, if my mum was in an ICU that got "shut down" by ransomware I would still be demanding that they do NOT pay any ransom.
If only because I could not possibly trust any of the "decrypted" files.
Nuke the site from orbit and restore from a backup. It's genuinely the only way to trust the system ever again.
QUIC, like TCP and many other protocols, takes an unreliable way of sending packets (ethernet frames, UDP packets) and creates reliability over the top.
There are a lot of different ways to do that.
TCP has a lot of known problems when running over congested links, latency rises and throughput falls exponentially. That can easily end up with everything waiting for a favicon to get downloaded before any of the actual useful content, mainly due to the current insane way web pages are assembled...
QUIC is supposed to be "better", though I'm not yet sure what its pitfalls are.
I've used several other reliable-over-UDP protocols that fix TCP's major problems and replace them with their own new and exciting major problems.
You should read the actual RFCs. It's clear you haven't understood any of it.
TCP does exactly nothing to prevent packet injection. Anyone in the route can swap a few packets if they feel like it, and there's no way for the other end to detect it. An application can only defend against those attacks by layering security on top of the stream - usually TLS.
QUIC requires TLS.
The only way to spoof QUIC packets is to break the encryption or poison the certificate chain. Not impossible of course, but no less difficult than breaking HTTPS.
The Republican Party is split between those who who support the Jan 6th insurrection, and the ones who have been kicked out of the party leadership for refusing to support such attacks on the USA.
The primaries are going to be decided by the vicious career liars like McConnell, Cruz and the batshit crazies, then voted on by the tiny minority of the population that the various Republican governors still allow the vote.
If they kill off or neuter the For The People bills then the USA will become a banana republic with the biggest military in the world.
And they're going to try, because McConnell et al know damn well that they cannot possibly win a free and fair election unless they radically change their policies.
It's pretty terrifying.
“The leak of this information to media outlets is being investigated by the MoD and it would be inappropriate to comment further at this time.”
So if it had only gone to foreign agents who wish to do harm to the UK, that would have been ok?
It's only worth investigating how the media found out that all this highly sensitive personal data has been handed to anyone interested?
WiX.
It's what Microsoft use and recommend. If your application is trivial enough that the built-in macOS tools are usable then WiX is literally a one-liner.
It produces an MSI which will install and uninstall as a single transaction.
Or there's the MSI creator that comes with Visual Studio, just like pkgbuild and productsign come with xcode. Though TBH I've never used it as wix is nicer.
These also mean windows admins can preinstall and remotely install/update whatever they need across thousands of managed desktops. I pity macOS admins, they rely on the end user for so much.
No, it's whoever wrote the installer.
Windows simply believes the installer when it says "I need the OS to restart to work properly".
This is probably primarily because several commercial Windows installer systems assume every application will need a restart. Looking at you, Installshield.
Most applications don't, but whoever wrote the installer didn't find the opt-out.
All major OS have flags for opening a file in an "private" way, meaning that no other process is allowed to change their view of the file.
On Windows, this locks the file completely, no other process may write to or delete the file at all. You can rename or move it though, a fact used by some installers. That works because files are objects in their own right, not just their name.
On Linux and BSD (inc. macOS), this is implemented by giving each process a "private view" onto the file as it existed when the file was opened. IIRC this is done by taking a snapshot of the inode chain that represents the file contents at the time.
If the file is deleted, the filesystem simply hides the file. It's not actually placed into the "free space" list until all open file handles are closed.
If the file is modified by some other process, the changed blocks don't appear for processes that have asked for a private view.
Agency staff are forced to, however.
Many (possibly most) umbrella companies are contracted to agencies, and are the supposed employers of all the agency workers the agency provides.
That's mostly low-paid, on zero-hour contracts.